K
KirkMorgan1
Several times now Windows Defender and the Online Security Scanner found and removed TrojanDownloader:JS/Jesdow.B!url or they get stuck in the removal process. Even when shown as removed if I scan again it is found again. Using Windows Defender Offline didn't even find the file.
It is being found in these locations.
TrojanDownloader:JS/Jesdow.B!url
containerfile: C:\Recovery\Customizations\USMT.PPKG
file: C:\Recovery\Customizations\USMT.PPKG->\ICB\0\MachineSpecific\File\C$\Program Files\Lenovo\OneKey App\Lenovo Rescue System\APREG.url
file: C:\Recovery\Customizations\USMT.PPKG->\ICB\0\MachineSpecific\File\C$\Program Files (x86)\Lenovo\PowerDVD12\APREG.url
file: C:\Recovery\Customizations\USMT.PPKG->\ICB\0\MachineSpecific\File\C$\Program Files (x86)\Lenovo\Power2Go\APREG.url
I have read that is a real threat, and I have read it is a false positive. Malwarebytes does not even detect it.
Should I wait to see if it is a false positive? I have read threads stating removing the Cyberlink software still leaves the Trojan. I have updated Windows Defender several times since first finding this yesterday morning.
Continue reading...
It is being found in these locations.
TrojanDownloader:JS/Jesdow.B!url
containerfile: C:\Recovery\Customizations\USMT.PPKG
file: C:\Recovery\Customizations\USMT.PPKG->\ICB\0\MachineSpecific\File\C$\Program Files\Lenovo\OneKey App\Lenovo Rescue System\APREG.url
file: C:\Recovery\Customizations\USMT.PPKG->\ICB\0\MachineSpecific\File\C$\Program Files (x86)\Lenovo\PowerDVD12\APREG.url
file: C:\Recovery\Customizations\USMT.PPKG->\ICB\0\MachineSpecific\File\C$\Program Files (x86)\Lenovo\Power2Go\APREG.url
I have read that is a real threat, and I have read it is a false positive. Malwarebytes does not even detect it.
Should I wait to see if it is a false positive? I have read threads stating removing the Cyberlink software still leaves the Trojan. I have updated Windows Defender several times since first finding this yesterday morning.
Continue reading...